package controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
public class LoginController {
	
	@RequestMapping("login")
	@ResponseBody
	public String login(UsernamePasswordToken token) {
		Subject subject=SecurityUtils.getSubject();
		try {
			//登录，判断石头登录成功
			subject.login(token);
			//登录成功后将当前用户存入session
			Session session=subject.getSession();
			//将当前的token存入session
			//就是将user存入session
			session.setAttribute("currentUser", token);
			
			return "success";
		} catch (AuthenticationException e) {
			return "fail";
		}
		
	}
}
